LastPass provides an excellent way to keep track of all your passwords, generating secure ones and giving you access to them online.

With the revelation that a huge chunk of the world's websites were at risk because of the Heartbleed vulnerability in the widely used OpenSSL, password management has never been more essential. Tools like LastPass and Dashlane not only manage passwords, but can create more random secure passwords for you. On the desktop, they even streamline your use of the Web by filling out those tedious forms so many sites require, with name, address, phone number, and so on. As with most Windows Phone apps I've reviewed, this LastPass app includes everything you need—you can access to your secure password vault and even a built-in browser for quick login—but it lacks some extras you find in the Android version.

Similar Products

The desktop version of LastPass saves your passwords (in encrypted form, of course) to the cloud so that you can access them if you lose your PC; you can also get at from afield on a mobile device. The mobile versions of LastPass do this, but are less powerful than desktop browser versions, since you're mostly dealing with separate apps on a mobile device. But LastPass for Windows Phone offers a valuable service nevertheless, making your saved passwords available for copy-and-paste into apps.

First Steps with Last PassYou get the LastPass app from the Windows Phone store; it's just a 2MB download. While the desktop apps for Windows and Mac are free, the mobile apps requires a $1 a month subscription, though there is a 30-day free trial so you can test it out. Creating an account in the LastPass app is easy enough, but I recommend starting out with LastPass via your computer's Web browser. That way, you'll have some site passwords preloaded for when you move to the phone. I tested the app on a new Lumia Icon.

If you do create an account within the Windows Phone app, be sure to make the password long and complex—a phrase is better than a word. For tips, see our Neil Rubenking's article on how to create strong passwords. As you type in your password, a red line below it will indicate its strength. You'll need an email address, too, of course. Once that's done, you'll agree to the services terms and acknowledge that your password will be sent (in encrypted form) to LastPass' servers.

The LastPass interface is quite simple, with only three swipe-across pages: Sites, Favorites, and Secure Notes. There's also a magnifying glass button at the bottom for searching your LastPass vault and a plus sign for adding new sites.

Any site credentials you've entered in any other LastPass instance will appear. Tapping one of these entries pops out a menu with four choices—launch, edit, copy username, and copy password. The last two are particularly useful for the legion of sites that have equivalent apps, as opposed to just mobile websites. Unlike the Android version of LastPass, the Windows Phone version doesn't integrate directly into apps' login forms. So you need to switch between LastPass and the app in question to copy and paste the username (if you don't know it) and the password. LastPass for Android also includes a handy Copy Notifications feature, which puts shortcuts to your password and username in the Notification Tray.

It's much easier to tap Launch, which takes you to the selected site and logs you into it. The custom LastPass browser adds three helpful buttons on the bottom. The key button lets you choose between multiple accounts if you have more than one set up for the site, and the profile button lets you switch between LastPass identities. A "…" menu links you back to your LastPass Vault.

Generate PasswordsYou can (and probably should) have the LastPass app generate your secure passwords. Useful options let you create a pronounceable password, use special characters, avoid ambiguous characters, and require every character type for added security. A slider lets you adjust the password length as in the Android version of LastPass, from 6 to 64 characters. One thing that the Android version can do, but the Windows Phone version can't, is show passwords in clear text. I'm not sure this is such a bad thing, though one of our security analysts disagrees. To me, there's no reason you need to see the password on your phone, as long as you can get into the sites and apps you want to, and not showing it makes for less chance of snoopers seeing it on your phone.

A more important gap is that the Windows Phone LastPass app has no form-filling capabilities for when you're browsing—even with its built-in browser. This does include the profile button, which offers to fill the form with your user profile entries, but a "known-bug" message appeared when I tried to use it.

A final feature of LastPass for Windows Phone is "Secure Notes." These can be anything you'd like encrypted, including attached photos and audio messages. It's also a good place to store lock combinations or other passwords you're not using on the phone itself. These are secured with AES-256 encryption like everything in LastPass, so you can sure you'll be the only one seeing them. That's good, considering that LastPass has templates like "Social Security card."

A drawback of all mobile versions of LastPass—whether you're talking about Android or iPhone—still lack the service's support for multiple forms of authentication. These include biometric devices and LastPass's own very clever Grid system, which has you print out a grid of characters that you enter to verify your identity. Personally, I'd love to see LastPass implement an SMS verification for two-factor authentication, since you're already on the mobile phone. Note, however, that LastPass won't interfere with a site's own two-factor authentication: I added a Yahoo account that uses SMS authentication, and the system worked without a hitch.

The Last Password You'll Ever Need? The Windows Phone LastPass app gets you what you need—all your passwords stored in your LastPass vault. It even can generate secure, random passwords for new accounts, but it's not quite as adept at working with app logins as the Android version.

We here at PCMag are firm believers that you're well served to use a service such as LastPass, not only because it improves your online security in these days of Heartbleed, but it actually simplifies and facilitates your use of Web services and apps. Despite its shortcomings, and because of the excellence of the service as a whole, LastPass is PCMag Editors' Choice for Windows Phone password managers.

About the Author

Michael Muchmore is PC Magazine's lead analyst for software and web applications. A native New Yorker, he has at various times headed up PC Magazine's coverage of Web development, enterprise software, and display technologies. Michael cowrote one of the first overviews of web services for a general audience. Before that he worked on PC Magazine's S... See Full Bio

Max Eddy is a Software Analyst, taking a critical eye to the Android OS and security services. He's also PCMag's foremost authority on weather stations and digital scrapbooking software. He spends much of his time polishing his tinfoil hat and plumbing the depths of the Dark Web.
Prior to PCMag, Max wrote for the International Digital Times, The... See Full Bio

LastPass (for Windows Phone)

LastPass (for Windows Phone)

Get Our Best Stories!

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.